New Value Solutions, a national IT consulting company, is seeking a Red Team Leader to support a large-scale public-sector cybersecurity engagement in a highly regulated justice environment. This role will lead Red Team penetration testing activities designed to evaluate detection, containment, response, and resilience across enterprise IT environments. The successful candidate will be responsible for engagement planning, scope definition, rules of engagement, team leadership, quality of findings, final reporting, and remediation guidance. This role will be remote within Canada, with occasional onsite activities as required.
Responsibilities
- Lead and coordinate end-to-end Red Team penetration testing engagements.
- Develop and maintain the Red Team engagement plan, including scope, objectives, attack scenarios, timelines, rules of engagement, and testing methodology.
- Manage Red Team members across external network, internal network, web application, social engineering, physical security, and related testing streams.
- Execute and oversee realistic cyberattack simulations to assess detection, containment, and response capabilities.
- Develop specifications, approach documents, and statements of work for Red Team and related security testing activities.
- Analyze findings and prepare final Red Team penetration testing reports, including executive summaries, technical findings, risk ratings, and remediation recommendations.
- Provide actionable remediation guidance and follow-up support.
- Present findings and recommendations to executive and technical audiences.
- Collaborate with engagement leadership on scope management, scheduling, reporting, and stakeholder communications.
- Ensure all activities comply with applicable legal, ethical, regulatory, and contractual requirements.
Requirements
- Minimum 6 years of experience leading Red Team penetration testing projects of similar scope and complexity within the last 10 years.
- Minimum 5 years of direct experience leading Red Team engagements and managing penetration testing teams, including engagement planning, scoping assessments, and final report delivery.
- Demonstrated leadership across external network, internal network, web application, social engineering, and physical security testing. Cloud testing experience is an asset.
- Strong experience preparing reports, presentations, and briefings for both executive and technical audiences.
- Experience developing engagement plans, rules of engagement, specifications, and statements of work.
- Experience in public-sector or other highly regulated environments is preferred. Justice/courts experience is an asset.
- Must be legally able to work in Canada.
- Must be able and willing to complete required Criminal Record Check and Enhanced Security Check processes within client timelines.
- CISSP, OSCP, GPEN, or equivalent industry-recognized certification is required.
If you have this expertise, and are able to work in Canada, please submit your resume. While we thank all candidates in advance for their application, only those candidates who are shortlisted will be contacted.
ID#5341
Questions:
- How many years of experience do you have leading Red Team or penetration testing engagements?
- What testing areas have you led (network, application, cloud, social engineering)?
- How many years of experience do you have managing penetration testing teams?
- Are you eligible for Enhanced Security Clearance in Canada?
- Which security certifications do you currently hold?
